package com.rui.cn.consumer.config;

import com.rui.cn.entity.system.SysPermission;
import com.rui.cn.entity.system.SysRole;
import com.rui.cn.entity.system.SysUser;
import com.rui.cn.feignservice.SysPermissionService;
import com.rui.cn.feignservice.SysRoleService;
import com.rui.cn.feignservice.SysUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

/**shiro的Realm配置
*@创建人：[zhang]
*@类名：MyShiroRealm
*@时间：2018/1/13 0013-下午 22:15
**/
public class MyShiroRealm extends AuthorizingRealm {
    //用户
    @Autowired
    private SysUserService sysUserService;
    //权限
    @Autowired
    private SysPermissionService sysPermissionService;
    //角色
    @Autowired
    private SysRoleService sysRoleService;
    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Object o= SecurityUtils.getSubject().getPrincipal();//User{id=1, username='admin', password='3ef7164d1f6167cb9f2658c07d3c2f0a', enable=1}
        SysUser user =new SysUser();
        BeanUtils.copyProperties(o,user);
        List<SysPermission> resourcesList = sysPermissionService.loadUserPermission(user.getId());
        // 权限信息对象info,用来存放查出的用户的所有的角色（role）及权限（permission）
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for(SysPermission resources: resourcesList){
            info.addStringPermission(resources.getPermission());
        }
        //添加用户拥有的角色
        List<SysRole> roleList = sysRoleService.getRoleList(user.getId());
        for (SysRole role : roleList) {
            info.addRole(role.getRolename());
        }
        return info;
    }

    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //获取用户的输入的账号.
        String username = (String)token.getPrincipal();
        SysUser user = sysUserService.selectByUsername(username);
        if(user==null) throw new UnknownAccountException();
        if (0==user.getEnable()) {
            throw new LockedAccountException(); // 帐号锁定
        }
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                user, //用户
                user.getPassward(), //密码
                ByteSource.Util.bytes(username),
                getName()  //realm name
        );
        // 当验证都通过后，把用户信息放在session里
        Session session = SecurityUtils.getSubject().getSession();
        session.setAttribute("userSession", user);
        session.setAttribute("userSessionId", user.getId());
        return authenticationInfo;
    }


}